Microgrid Systems: Towards a Technical Performance Assessment Frame

A microgrid is an independent power system that can be connected to the grid or operated in an islanded mode. This single grid entity is widely used for furthering access to energy and ensuring reliable energy supply. However, if islanded, microgrids do not benefit from the high inertia of the main grid and can be subject to high variations in terms of voltage and frequency, which challenge their stability. In addition, operability and interoperability requirements, standards as well as directives have addressed main concerns regarding a microgrid’s reliability, use of distributed local resources and cybersecurity. Nevertheless, microgrid systems are quickly evolving through digitalization and have a large range of applications. Thus, a consensus over their testing must be further developed with the current technological development. Here, we describe existing technical requirements and assessment criteria for a microgrid’s main functionalities to foster harmonization of functionality-level testing and an international conception of system-level one. This framework is proposed as a reference document for assessment frame development serving both microgrid research and implementation for a comprehensive understanding of technical microgrid performance and its current assessment challenges, such as lack of standardization and evolving technology.


Introduction
Wildly seen as a key to support large-scale integration of renewable energy sources and low carbon technologies connected to low and medium voltage networks, microgrids (MGs) are expected to play a substantial role in reaching the UN's goal of "sustainable energy for all". They could be a building block of the centralized grid and foster the coupling of different energy sectors, facilitate demand-side management (DSM), or provide ancillary services, such as increased resilience or flexibility. Especially in Europe, MG technologies will support the recent clean energy legislation that requires creating electricity markets with "active customers/consumers and citizens" and "energy communities" [1][2][3].
However, internationally harmonized testing protocols and performance assessment guidelines for MG systems have yet to be defined. Challenging obstacles for a comprehensive MG performance assessment are fast evolving MG technologies, changing requirements for grid-connected and islanded operation, and a lack of standardization. Moreover, their associated performance levels and indicators are not commonly available.
Nevertheless, customers need to be able to compare MG controllers and functionalities on a neutral basis. The benchmarking of MGs functions would serve as a guideline for energy communities and industrial applications. Contributing to the effort of establishing standardized assessments of MGs, this paper describes the existing testing requirements and possible performance indicators for the following MG concerns: reliability, including the transition between operation modes, network protection, power quality and ancillary services, as well as energy dispatch and cybersecurity. However, the impact of outages by maintenance or faults on the system performance is not directly addressed in this paper. Those outages as also special flexibility aspects and self-healing capacities after faults are partly covered by the reliability aspects. Moreover, alternating current (AC) MGs are the main focus of this work as they can directly be integrated into existing power networks, making them a midterm growing market in developed economies and thus requiring a rapid standardization to ensure a coherent deployment.
The paper is organized as follows: Section 2 contextualizes MG testing by presenting its functionalities, standards, and existing testing architectures. Then, for each of those MG main concerns, Section 3 synthesizes the assessment requirements extracted from standards and from the literature as well as the associated performance measures. Finally, in Section 4, the testing challenges for each of these functions, along with possible MG assessment strategies to face them, are discussed.

Microgrid Objectives and Functions
Different MG definitions have been set within the Institute of Electrical and Electronics Engineers (IEEE) 2030.7 standard [4], the US Department of Energy report [5], the International Electrotechnical Commission (IEC) 60050-617 standard [6] and the CIGRÉ MG evolution roadmap [1]. By aggregating them, an MG can be defined as a group of loads and generators that operates as a single entity in grid-connected or islanded mode concerning the utility grid, as illustrated by Figure 1. As detailed in [1], MGs have three main objectives: to provide an alternative to local energy service in terms of power quality and/or reliability, to enhance the usage of local energy assets and to interface the main grid with variable local sources and loads. These objectives can have different priorities or required quality levels depending on the use case. Critical infrastructures may prioritize reliability in terms of continuity of supply and cybersecurity, energy communities may prioritize usage of local generation and energy dispatch, and MGs with sensitive industrial or information communication technology (ICT) loads may prioritize power quality. However, while implementing those features, MGs are challenging in terms of operation and control, which requires appropriate standards and testing processes. Some of these challenges include stability issues, low inertia, bidirectional power flows and uncertainty [7,8].

Standards and Technical Specifications
Standards build a base of understanding the requirements of smart grids, including MG as a special kind of smart grid [9]. In particular, IEEE standards cover the interoperability and the interconnection of distributed resources with smart grids considering islanded microgrids (IMGs) and grid-connected microgrids (GMGs). Moreover, IEEE describes specific testing procedures for MG controllers and storage systems. Concerning IEC standard series 62898, it gives the requirements for the design and operation of MGs. Coming IEC publications will also tackle MG features, such as protecting MGs and its energy dispatch management. Those standards provide examples for MG structures, requirements and their control as well as protection in general that serve as recommendations, which are used and discussed later in this paper. Standards, grid codes and directives, as shown in Table 1, regulate the implementation and testing of MGs. The standards, grid codes and directives describe measures for testing the effectiveness of functionalities to ensure a necessary quality level. However, the customer or microgrid operator and the evolving microgrid market would benefit from additional information about the efficiency of functionalities as well. There are numerous descriptions of individual MG systems and tests of single functionalities, but a generalized and harmonized view is missing.

Microgrid Test-Beds
Technical specifications, as described above, allow a standardized development of MGs, whose functionalities are tested through either simulation, hardware-in-the-loop systems or field experiments. To enable the comparison of those MG operations, benchmarking MGs have emerged from collaborations, such as the Consortium for Electric Reliability Technology Solutions (CERTS) or the CIGRÉ, as well as from specific field implementations. The overview of existing field experiments and test-beds given in Table 2 [10][11][12] underlines the variability of MG architectures and designs, which leads to challenges to establish a comparison framework for MGs. From the different existing MGs [1], this study focuses on MGs with one point of interconnection (POI). Table 2 summarizes a literature review on microgrid test-beds according to their application, power level and described tests. We notice that direct current (DC) MG systems are underrepresented compare to AC ones. Moreover, information about systems presenting recent activities and, thus, potential availability for further testing is given when available. The diversity of MGs suggests that a universal MG architecture for benchmarking is not appropriate and that application-specific test systems must be developed. However, multiplication of testing processes has the risk of complexifying MG functionality assess-ment and comparison. As a result, the balance between application-specific and general testing systems must be struck. Looking for suitable assessment requirements, we consider three main MG concerns: reliability, use of distributed local resources and cybersecurity.

Microgrid Reliability
For the reliability of supply in an MG, we distinguish four main features: continuity of supply, power quality, safety and protection, and secure operation. For the latter, we focus on ancillary services. These features use partly overlapping functionalities. Thus, we sum up important assessment criteria in a common table at the end of this section after we describe them individually.

Continuity of Supply
Enhanced resilience and continuity of supply is an MG key feature in regions with frequent outages because of technical failures, weather events or insufficient capacity of the main grid. The islanded operation of the MG can provide a backup solution, and the efficiency of the transition process between grid-tied and islanded operation must meet the requirements of the supplied loads. This chapter addresses the assessment of this transition process whose assessment criteria are defined considering requirements, conditions and impacts of the transition between the different operation modes.
Four transition modes are defined: unplanned islanding, planned islanding, and black start and reconnect [4]. During the transition between grid-connected and islanded operation, fluctuations in voltage and frequency appear. For those fluctuations, different requirements exist mainly depending on the sensitivity of the supplied loads. An overview of different standards and guidelines is given in [13]. These standards and guidelines define classes for grids concerning their different compatibility levels to avoid damages at disturbances. Following the standards, class 2 correlates with the public grid, while class 1 is for sensitive loads with a high demand for power quality. Class 3 is for insensitive loads like in industrial grids. One requirement of MG control is to keep the disturbance level and the time duration within those defined limits. Especially in the case of unplanned islanding due to a fault or fault clearance in the main grid, for example, an MG can become unstable [14].
An abrupt difference between generation and load in conjunction with low remaining inertia may cause great deviations in frequency and voltage [15]. To ensure a smooth transition between grid-connected and island operation, different control strategies exist, such as the combination of bypass converter and switches or special controls [14,[16][17][18]. For reconnection, the island interconnection device (IID) [19] shall check voltage, frequency and phase angle to ensure limitations are kept. [19] describes three reconnection modes, (1) active synchronization with a control mechanism to match voltage, frequency and phase angle at the POI, (2) passive synchronization, which reconnects when differences are within acceptable limits, and (3) de-energized reconnection (connection of the MG with all generators disconnected or turned off.).
To date, the standards do not contain any general criteria for an assessment of the transition between the modes. Ref. [20] recommends security and stability assessments of any transient processes of MGs in general. An assessment shall consider the addressed use-cases of the MG to bring the effect of disturbances for the operation of the MG into account. An MG for sensitive loads, such as controls or computer systems, needs a smoother transition than an MG for insensitive loads. A different criterion could be the time needed for a transition from steady-state modes grid-connected to islanded mode and vice versa and the duration and amount of unserved demand. A possible assessment matrix for this transition is proposed in Table 3. Here, the criteria for the transition assessment are fluctuations in voltage and frequency, their level of increase or decrease and how fast the steady-state is reached. The maximum rate of change of frequency (RoCoF) is a further criterion, as well as the interruption in the supply of loads with load ratio and duration time. Table 3. Microgrid assessment matrix for transition between grid-connected and island operation mode (example values for sensitive loads).

Interruption of supply
Load ratio 0% 0% 0% 0% Duration time <20 ms <20 ms <20 ms <20 ms In the assessment, the four defined transition modes need to be considered. With the system average interruption duration index (SAIDI), the system average interruption frequency index (SAIFI) and the customer average interruption duration index (CAIDI) assessment indices for interruption of supply exist. These indices are commonly used in the energy sector, but the definition of the events used for the calculation is not fully harmonized [21] and should be adapted to MG use cases. Especially the exclusion of planned interruptions, interruptions shorter than three minutes and interruptions due to force majeure can contradict the reliability requirements for MGs. For grid planning, indices like "loss of load probability" or "expected energy not supplied" [22] are applied. In addition, other metrics were developed by user-driven organizations like the Information Technology Industry Council (ITI) [23] or the semiconductor industry [24].

Power Quality
The power quality in electrical grids plays an important role in ensuring a proper and secure operation of the electrical assets in the grid. The operation out of the limits specified in the national grid codes and international standards might raise different issues in electrical grids, such as lack of synchronization, resonance and outages, among others. Power quality becomes increasingly important in the MG, especially with the high penetration of renewable energy sources (RESs), where the availability of the resource follows a stochastic process. The presence of inverters and multiple control loops for balancing and stabilizing the MG cause a high introduction of harmonics and might lead to stability issues in the interaction of multiple control loops, as explained in [25]. Also, knowing the main grid status is a central requirement to control the MG safely. The requirements for power quality in public electrical grids are described in international standards and the grid codes. In Europe, the reference standard EN 50160 defines the essential requirements at the point of common coupling (PCC) under normal operation, which defines a minimal grid power quality for the customers. For instance, the requirements for different voltage levels are summarized in Table 4 [26]. For the continuity of supply and for the power quality parameters, additional industry-specific recommendations or standards exist for continuity of supply and power quality parameters.
To establish and implement countermeasures against power quality issues, a monitoring system comprised of multiple sensors and power quality analyzers distributed along the grid is recommended for a very detailed observation of the voltages and currents. These devices must be able to measure transient phenomena, short-duration events, longduration events and steady-state. Table 5 summarizes the type of event and duration. The sampling rate and recording time must be adjusted in the measuring device depending on the type of event [27]. Harmonic distortion THD < 8% THD < 5% THD < 3% Table 5. Type and duration of events in electrical grids. The required amount of measuring devices and the allocation varies depending on the grid size and its topology. The measuring devices must be able to detect power quality issues within the entire grid and determine local areas where these issues are produced. Additionally, the measuring devices should be interconnected to a high availability communication system for the monitoring system. Despite the MGs' technical and environmental benefits, the existence of MGs in the electrical energy system creates many challenges in maintaining the power quality. Power quality problems, such as active-reactive power variation, voltage and frequency deviation, poor power factor, and unplanned blackouts, are common in MGs [28]. According to [29], the problem of power quality in MGs has three primary sources: the fluctuating of the generated power from the RES; the generated harmonics from the power electronic devices in the MG; the transition between the gridconnected and islanded mode during the MG operation. The existence of inverter-based generators (IBG) in the MG may reduce the quality of the supplied current to the load due to the generated harmonics from the switching process in the inverter. Moreover, connecting and disconnecting the MG from the main grid could lead to significant voltage and frequency variations, causing severe problems for the connected loads. Therefore, several studies have been conducted to improve the power quality of the MG in grid-connected and islanded mode by enhancing the design of the power-electronic inverters [30], enhancing the operation of the MG controller, or adding additional devices to the MG.

Type of Phenomena Phenomena/Event Duration
The MG controller's main objective is to maintain some power quality aspects by holding the voltage and frequency within the specified ranges under all operating conditions. In addition, the MG controller is responsible for managing the active-reactive power flow within the MG [31]. In this sense, the droop controller with different schemes has been widely used to coordinate the MG operation depending on the active and reactive power measurement, as well as the frequency and the voltage limitations. In [32], an adaptive virtual impedance control loop was proposed based on the droop controller concept to guarantee an accurate distribution of the reactive power. In [33], the droop controller is utilized with a decentralized control scheme for nonlinear load sharing to improved voltage quality and reduces the MG overloading. A modified droop controller was introduced in [34] to improve load-sharing accuracy and operation stability. The conventional droop controller performance was improved by the dynamic decoupling of active and reactive power in the controlling mechanism.
Furthermore, due to the massive development in machine learning algorithms, many researchers utilized artificial intelligence algorithms to enhance the operation of the MG [35]. In [36], an artificial neural network-based controller is utilized to control the battery storage unit in an MG to enhance the power quality. Moreover, the k-nearest neighbor pattern recognition method is used to choose the proper compensator for improving the MG's power quality in [37]. Finally, additional components can be used to compensate for the power quality of MGs, such as solid-state transfer switch (SSTS), dynamic voltage restorer (DVR), distribution static compensator (DSTATCO), and unified power quality conditioner (UPQC) [37][38][39]. The performance of these devices can be improved by adding novel control algorithms. In [29], an online framework is proposed to calibrate the set point of the DSTATCOM by monitoring the point of common coupling of the MG and the distributed energy resource (DER) current. The referenced articles show the effectiveness of the specific monitoring and control approaches. However, a generalized approach for comparing their efficiency does not seem to be available.

Protection System
Changes in network structures are challenging for the protection system coordination. In the case of an MG, the changes in the network structures can be vast. While grid-connected, the main grid and all connected generators provide the fault current. In island mode, only the generators of the MG can provide the fault current. During island operation, the short circuit current level is usually significantly lower, especially in MG with a high share of IBG. Unlike synchronous machines, IBG can only provide a current close to their nominal currents under fault conditions. These circumstances lead to a change in the fault current level, and it gets close to the maximal operation current and, in some cases, to the change of the direction of the fault current. The resulting effect on network protection is very important and needs further studies for proper coordination. While island mode standards like [19] require accuracy of fault detection and clearance equal to the grid-connected mode, the traditional overcurrent protection devices become problematic in operation in these two modes. Indeed, especially with distributed IBG, [40][41][42][43][44] the fault current decreases and lead to longer tripping times (e.g., due to blinding effects) and unselective disconnection. For medium voltage (MV) MGs, [20] recommends using protection devices like the ones in the transmission system (e.g., current differential, distance protection). While for low voltage (LV) MGs using costly protection devices should not be necessary. This is why using fuses is very common in traditional LV networks. Common suggestions for MG protection are adaptive protection, additional protection devices, additional measurement points, directional protection devices, and using communication for protection devices [41][42][43][44][45][46], even if some devices need special adaptations [47]. Others [40] suggest using fault current limiters to keep unidirectional overcurrent relays with one single set of parameters for both the grid-connected and islanded mode. The purpose of the fault current limiters is to keep the fault current stable for all operation modes. With this, the protection should be capable of detecting faults selectively. These suggestions for protection schemes are divided into six categories [48]. In summary, the suggestions lead to two possible protection strategies: (i) decentralized (mostly time-grading-based) protection (e.g., [40]) and (ii) centralized (communication-based) protection (e.g., [49]). Both strategies should ensure fast and selective detection of faults for the different fault current levels of the operation modes and different generation and load conditions. Adaptive protection, as in [42,43], is a decentralized protection strategy with centralized coordination.
Compared to network protection, protecting a DER is relatively manageable [43]. There are only two possibilities for changes of the generators: (i) disabling or enabling of any anti-islanding protection and (ii) change of the control mode. Both do not affect the protection thresholds. Disabling or adapting the anti-islanding protection is necessary to avoid unintentional disconnection of generators in the case of switching from connected to islanded mode. For unintentional islanding, disabling or adapting the anti-islanding protection shall be faster than the anti-islanding protection itself to prevent a loss of generation. While changing from island mode to connected mode, the anti-islanding protection needs to be enabled or adapt according to the requirements for interconnection with the public grid. Fault ride-through (FRT) capability shall be provided in island operation to keep the voltage and the power provision during voltage sags and to provide the fault current to facilitate the detection of the fault by overcurrent relays. Especially for LV-connected IBG, using this capability is not very common. Some grid codes require a limitation of the FRT capability to stay connected without any provision of currents (VDE-AR-4105). Ref. [47] recommends adapting the FRT requirements for MGs by considering the response time of protection devices within the distribution level. The grounding system (i.e., the ground-fault protection) should be maintained for island operation as for gridconnected operation. Quite common is using a delta-wye transformer with grounded star point from MV to LV, while IBG uses a 3-phase connection. The change from a grounded system to an isolated system or a grounded system with isolated sources should be avoided [19]. Requirements from standards for units themselves must be considered as well. Overvoltage with values of phase-to-phase for phase-to-neutral structures may need to be considered for 1-phase to ground faults. This depends on the grounding system and the operation strategies of the MG.
Recommendations for MG protection schemes are given in [20] and the announced IEC TS 62898-3-1. The protection of an MG shall be reliable, rapid, sensitive and selective for both operation modes to ensure a safe and stable operation at any condition. Based on these technology-independent requirements, the assessment matrix for the reliability of the MG network protection may be used for grid-connected and island operation modes. Additionally, new devices and functions provide new potentials of failure, e.g., communication failure. The dependability of the MG protection compared to a protection system of a conventional network should also be considered for the assessment.

Reliable Operation with Focus on Ancillary Services
The secure operation essentially deals with the question of whether the power grid is operated in a stable state and remains stable even after failure events [22]. For this purpose, transmission system operators usually provide or procure ancillary services, although the provision by DER within MGs is getting more relevant in recent years. A grid-connected MG as a collection of controllable resources (dispatchable generators, energy storage system (ESS), adjustable loads) is considered capable of improving the reliability, security and efficiency of the interconnected grid [50,51]. In islanded mode, ancillary services must be adapted to the needs of the stable, stand-alone MG operation. The following paragraphs try to give an overview of ancillary services by showing selected examples from the literature where ancillary services were applied in MGs. In addition, different definitions of ancillary services are described, and a metric to evaluate the quality of ancillary services was created.
In [50], a microgrid controller that provides ancillary services to the utility grid was applied, whereas in [51], the focus is on the optimal planning of MGs, i.e., the optimal size and location of generators. Ref. [52] shows that the participation of more than one MG in the provision of ancillary services is useful. Subsequently, centralized control is compared with decentralized control. The main benefit of a centralized approach is the optimal economic operation, but technology and infrastructure for communication are required. Ref. [53][54][55] also concluded that a multi-agent system is the best structure to participate in the energy market. Ref. [56] implemented such an MG central controller to maximize the profit of the energy market participation. Ancillary services, in general, means "a service necessary for the operation of a transmission or distribution system" [57]. A more detailed definition can be found in [58]: "Ancillary Services are all services required by the transmission or distribution system operator to enable them to maintain the integrity and stability of the transmission or distribution system as well as the power quality". Ref. [58] also states the difference of system service and ancillary service: "System services are all services provided by some system function (such as a system operator or a grid/network operator) to users connected to the system. Ancillary services are services procured by a system functionality (system operator or grid/network operator) from system users to be able to provide system services." It is important to mention that there is no uniform collection of all the ancillary services that can be provided. The European Directive 2009/72/EC [57] is the general framework for Europe, with Order 888 of the Federal Energy Regulatory Commission of the United States of America (FERC) as its counterpart. [59] presents an investigation of ten ancillary services with a focus on the provision from DER. It was determined that the provisioning of ancillary services by DERs could have a positive impact on power quality problems because of the following characteristics of a DER:

•
Efficiency of local regulation with local sources [60]; • Fast response for harmonic compensation and network stability; • Proximity to the user for backup supply and peak shaving; • Reserve utility for other ancillary services when the utility has enough real power.
DER with a power electronic interface is capable of a very quick response to changes in the system, so it is very useful for the provision of ancillary services [61] whom the impacts are described in Table 6 [59]. Table 6. Ancillary services and their most beneficial impact [59].

Ancillary Services
Most Impact on

Reliability Assessment Metrics
For the overall reliability, we distinguish between user and system requirements. Additionally, economic aspects should be considered for optimal operation. Table 7 [58,[62][63][64][65][66] gives a survey of relevant functionalities where an assessment is needed.

Use of Distributed Local Resources
Energy dispatch or energy management system (EMS) refers to the slowest MG control where operations are carried out at the minute scale or more. Furthermore, called tertiary control, this level consists of the operating and controlling features acting on the energy resources and loads to manage the power flow exchanges within the MG and with the main grid to ensure optimal operations [67]. This optimality is usually defined in terms of economic as well as ecological criteria. In charge of the energy dispatch optimization, EMS can be divided into different modules dealing with the demand and the production side as well as the forecasting of both [68]. Those modules are defined as: DSM includes methods used to adapt demand to available generation, for example, to promote self-consumption and reduce the aggregated energy consumption during peak demand [69]. These processes are encouraged by financial incentives, such as off-peak rates that lower the electricity cost during specific times as well as through consumer education. The aim of those preventive methods is not only to reduce the overall consumption but also to spread it temporally so as to match generation and infrastructure capacities with energy demand. By ensuring this energy balance, DSM reduces the need for investments in power system capacity. On the generation side, DO refers to the methods used to optimally generate energy and allocate it according to the loads, storage systems and sources [70].
The sources can be all kinds, including diesel generators, solar panels, or wind turbines. DO can aim for different optimization objectives, such as economical ones by reducing the energy costs or environmental by reducing the CO2 emissions or by increasing the share of renewable energy used. Another optimization objective can be the power stability in the MG to ensure a high-power quality. Finally, FM refers to the forecasting techniques applied to predict power generation [71] as well as energy load [72] and electricity prices [73] based on external and internal factors. Forecasting techniques are numerous and can range from linear to nonlinear methods as well as machine learning ones. The techniques are selected according to the forecast requirements, the data available and the time resolution. Common forecasts for power generation are mainly related to renewable energy, such as solar and wind power.
Comparing EMS control features is challenging as various strategies, having distinct characteristics and objectives, have been developed to carry out those functionalities. To interpret the performance difference, it is necessary to identify the characteristics of the compared control modules. For example, the comparison of two energy load FMs having different time resolutions, prediction methods and data inputs will not allow concluding, which characteristics influence the variations of performance on the MG fuel consumption. Additionally, comparing DSM modules presenting distinct control architectures and prediction horizons will also lead to a weak interpretation of their performance differences as their source is uncertain. Moreover, to evaluate tertiary control modules, it is recommended to identify and limit their characteristics differences.
This identification can be based on Table 8 [68 -83], which presents a comprehensive synthesis of those characteristics from the literature. Furthermore, the comparison interpretation relies on performance metrics used. The metrics should be defined according to the application objectives and constraints as well as the features compared. Indeed, adequate performance indicators are necessary to support the interpretation and the selection of the feature strategy. For example, comparing two DO modules in terms of renewable energy penetration may not give a complete performance representation if the application is limited in terms of computational resources. To identify the metric or set of metrics to consider Table 9 [71,72,74,75,77,78,80,81,[84][85][86][87][88][89] proposes an extensive combination of them. Finally, recommendations to compare EMS control features of MG include the evaluation and limitation of distinct characteristics between the compared modules as well as the selection of representative sets of metrics in terms of the study objectives and constraints. Table 8. Characteristics of energy management system (EMS) [68][69][70][71][72][73][74][75][76][77][78][79][80][81][82][83].

Definition
Objective and constraints Goals of the process defined in terms of statement, objective function or/and conditions to satisfy Market interaction Possibility to incorporate energy contract or to directly integrate energy market inputs into the process Security and privacy Confidentiality and protection of data exchange in the overall energy system during the process operation Legal feasibility Need of new or modified laws to implement the process strategy Table 9. Metrics synthesis of EMS control features [71,72,74,75,77,78,80,81,[84][85][86][87][88][89].

Economic
Consumption cost Cost associated with the energy consumption usually given in currency by time or in leveled cost of energy Implementation cost Economic impact of the process implementation on consumer and/or utilities Energy imported Amount of energy imported from the grid during a given period (if a microgrid is grid-connected)

Energy efficiency & Environment
Peak load occurrence Energy consumption event going above a given threshold, generally given as a number of occurrences

Cybersecurity
Cybersecurity is an important factor in the life cycle and operation of an MG. This section gives an overview of cybersecurity aspects as well as current approaches for improving security on different levels. Subsequently, a summary of quality benchmarks for a cyber-secure MG is presented, along with recommended actions, which can reduce security risks in such systems.
The MG is a cyber-physical system, which comprises information, control, communication and field levels [90]. The information level refers to the processing, storing, and provisioning of information in data centers and cloud applications. The aggregated information is also used at the control level, which coordinates the secure, reliable and stable operation of the grid. Control-level applications (e.g., SCADA and DCS) are concerned with monitoring and managing grid operations. The communication level comprises information and ICT, which allows the timely and secure transmission of information between different actors (e.g., measurements or control commands). Lastly, the field level includes the electrical equipment and smart devices involved in energy generation, transmission, distribution, consumption, and measurement.
Attacks targeting an MG can be initially classified as passive and active. Passive attacks extract valuable information, such as consumer data, credentials, and configurations. Information leakage is generally a high-risk problem if privacy is a concern, but it appears at first inconsequential for the grid's safe operation. However, the leaked information could allow passive actors to corrupt a system actively in the future [91]. Active attacks include injection of meter readings, forging or replaying commands, and elevating the privilege of users to corrupt a system temporarily (e.g., to disrupt or destroy it) or permanently (i.e., as a strategic access point in the future). Adversaries can exploit several attack vectors, which introduce significant risks in the electrical infrastructure. In a worst-case scenario, attacks can lead to blackouts, physical damage, and loss of life. Exploitable attack vectors must be addressed on a device, software, communication, and orchestration level [92].
The main cyber-security challenge on a field or device level can be summarized as the reliance on inputs and actions of devices that may be in the hands of an adversary. Indeed, the issue is compounded by the fast deployment of smart devices without adequate security and protection. Trust in the MG control and operation can be defined as some degree of confidence that, during some specific interval, the appropriate actor is accessing accurate and unmodified data, which is created by the intended device in the expected location at the proper time and communicated using the expected protocols [93]. Traditionally, the grid's control system is viewed as an environment with implicit security and trust (e.g., because the infrastructure is owned, operated, and protected by the operator). However, MG devices do not necessarily have physical protection and are owned and operated by multiple parties, including potential adversaries. Devices must be designed to be tamperresistant to prevent physical manipulation. Additionally, the push towards cloud services for grid management has significantly increased the number and variety of devices and parties involved such that often, access control-based policies will not be applicable or scale well [94]. The use of trusted computing hardware for MG devices can effectively address the need for adequate authentication, authorization, and credential protection as they offer a secure foundation (a root of trust) for important security guarantees, such as integrity, authenticity, confidentiality, provenance, and resilience [95][96][97].
The complexity of software systems, which enable the function, control, and processing in a smart MG, is increasing and rivals that of today's commodity systems (e.g., IoT devices, mobile and desktop computers) [98]. MG layers commonly share software from other domains and computing systems and with it their bugs and vulnerabilities. However, threats related to software engineering are well known and can be addressed in several ways [99]. The software systems in an MG will have to be designed and tested to the same principles as software, which is expected to be secure. Safety-critical systems often must undergo much more rigorous testing and certification procedure. One approach to improve software quality is referred to as formal specification and verification. However, large pieces of software (e.g., legacy code, updates, or patches) are notoriously laborious to specify, verify, or certify [100]. Fuzzing technologies provide an efficient way for testing such software systems for bugs and errors [101]. The MG is an essential infrastructure where non-critical software (e.g., user interfaces) should not interfere with critical software components. Applications from different security domains and with different levels of criticality must be isolated from another.
Smart MG devices use general-purpose internet technologies [93], whereas traditional grid communications have relied on reliable, predictable, and contained communication channels for monitoring and control. Compared to transmission and distribution grids, the lack of standardization for secure and reliable communication for MG systems poses risks in terms of cybersecurity [90] as described in Table 10. This threat can be reduced by adopting open standards communication protocols (e.g., DNP3, IEC61850), which promote standardization and security as the associated cybersecurity framework developed for them is accessible to every actor. However, standardization in the communication systems also has to include different levels of the open systems interconnection infrastructure in electrical systems as recommended by IEC 62351 [102]. The use of appropriate and secure communication protocols (e.g., TLS, IPsec) is mandatory when actors communicate over public networks to ensure properties such as confidentiality, integrity, privacy, and nonrepudiation. In summary, an MG network security concept should include frameworks for authentication, authorization, and encryption if necessary [93,103]. An intrusion detection system (IDS) can be effective at detecting adversaries on the network and directing mitigation procedures [91]. Table 10. Common weaknesses and remedies for microgrid security [90].

Risks Mitigation
Software application and security Poor code quality Today, a signature or rule-based IDS can be augmented with statistical methods [104,105], knowledge-based, and machine-learning methods [104] to detect a greater variety of attacks and anomalies [92].
Lastly, cyber-resiliency contributes significantly to power availability [106]. Service must remain available as much as possible even in the face of adverse conditions [107,108]. In case of faults, a resilient system must have an alternative way to continue its operation and, eventually, recover and return to the intended mode of operation. While the use of cloud systems generally improves the cyber-resiliency of a larger system, they do not cover smart devices and endpoints of an MG. Faults, which render a device or service unavailable, can be introduced by various IT attacks [109]. An MG system should implement an "identify, protect, detect, respond, and recover" cycle as proposed in the NIST Cyber-framework [110]. Systems need to be prepared for successful cyberattacks with requirements for availability, vital services, and playbooks for recovery [111]. Attacks should be prevented and assets protected by following relevant security standards. Responding to a cyber-incident requires detection and alert generation, but also decision-making. Lastly, MG devices should include a predetermined and secure way to recover from a cyberattack and return to a secure state [112][113][114].
Historically, privacy has not been a concern in the electrical grid [115]. However, the information that is available in a smart MG allows deep insights: usage data alone reveal whether someone is at home, work, or traveling or whether certain facilities are busy. Several records are sensitive [110]: name, address, account, meter reading, bills, billing history, home area appliances, lifestyle, DERs, meter IP, service provider-this list will likely be extended as new energy markets emerge. Privacy-preserving technologies will be mandatory and include privacy policy-based access to and usage of data, homomorphic data encryption [116], as well as privacy-focused market solutions [117].

Discussion
The following section discusses challenges concerning each previously introduced aspect of an MG assessment as well as further system-level considerations.
Starting with the transition between modes of operation, evolving technical matters are making testing protocols quickly obsolete, requiring changing recommendations. In particular, the control of voltage and frequency during transient events, including the coupling of active and reactive power for the voltage control, are still research topics. The issue is compounded by the increasing insertion of volatile DERs, which must operate within narrow set-point boundaries due to the low inertia of the system. In addition, quasi-static state and state transition in an MG are difficult to condition to assess given that they require technical stabilization that must also be included and tested. Lastly, assessment indices that quantify the interruption of supply are still to be adapted into a key performance index for such MG transition events.
Depending primarily on MG operation modes, power quality is also highly affected by the amount of power electronic devices within the MG. Furthermore, adaptive control strategies, which coordinate different grid elements, need to be implemented to compensate for these two factors. The control strategies are already technically challenging due to, for example, the insertion of a DER, and yet their complexity is increasing, and so are the requirements testing them. This aspect underlines that assessment processes need to evolve with technological advancements to encompass novel functionality and enable comprehensive but feasible testing protocols.
Concerning protection systems, their design is one of the main challenges in MG operations [45,46] as it relies on the network structure, changes in generation and load situation, which leads to various individual requirements. These specificities are reinforced by the need to identify efficient protection strategies ensuring the safe operation of different MG modes with very different fault current levels and directions as well as possible changes in the grounding system. That is why the establishment of an MG taxonomy is needed to generate group-specific performance indices, which facilitates standardized assessments.
Finally, further aspects of protection systems that could not be treated here in detail should also be considered in MG testing: coordination with the protection system of the main grid, while grid-connected, detection of unintentional islands within the MG during island operation and the cost efficiency of MG protection strategies [84].
Regarding ancillary services, there are two main obstacles for an assessment of the provision of ancillary services: one issue is the lack of a common understanding of ancillary services, which also undermines trade across borders [58]. Furthermore, the provision of ancillary services by DERs is not common in competitive markets, and guidelines are often not harmonized and can even contradict themselves [54,118]. Those aspects show that international institutions are necessary to harmonize the definitions and requirements for ancillary services to optimize exchanges and overall grid quality. Again, an assessment procedure should consider the change in requirements for grid-connected and islanded modes.
To develop EMS benchmarking processes for an MG, we observe several challenges within the literature, such as the testing representativeness. [76] proposes that evaluation scenarios should be defined by using aggregated time-series, such as household load profiles, to reduce the dependency of the performance results on a given dataset. However, this aspect could be challenging in the MG context since EMS are usually applied locally where high variability of the measured data are observed. This raises questions regarding a suitable environment for EMS testing. Most of the literature offers EMS evaluation from simulation software whose representativeness is uncertain or useful only for a specific MG implementation [119] with limited reproducibility. Nevertheless, a growing number of publications are using Control-Hardware-in-the-loop frameworks [89] to evaluate MG control as recommended by [120], which makes this framework a suitable candidate for further EMS benchmarking developments. In addition to the testing environment, considerations are also made on the representativeness of an independent evaluation of EMS strategies without the primary level control simulation [121]. Finally, concerning evaluation metrics, beyond economic and ecological ones, control robustness, adaptivity [7] and user acceptance [86] are underlined as essential features, which testing should include.
Growing with MG digitalization, the main cybersecurity challenges in MGs can be summarized as follows: (i) many parties rely on a large number of smart devices that may be in the hands of an adversary and (ii) a general lack of security standards for devices, software, configuration, communication, and orchestration. While solutions, which promote trust and authentication from field devices to cloud services [95][96][97] are available and can be benchmarked, such solutions still need to scale properly and be efficient to be useful in smart grids and MGs. Another challenge lies in the assessment and testing of trust management for particularly constrained or legacy devices that may not be able to implement recommended solutions. Furthermore, cyber-resilience is essential in MG designs, as faults and attacks must not be allowed to propagate, and the system, as a whole, needs a sure way to securely recover from an adverse or emergency situation. Lastly, aside from general references, there are no supporting security standards, which promote or evaluate a cyber-resilient design, implementation or operation of an MG yet. Finally, MG system-level assessment gaps have also been identified in the literature, such as the difference between alternating current or direct current grid testing directives and the growing implementation of hybrid grids [122]. Moreover, we note that MGs' general requirements and their interconnection to the main grid were discussed in MG research projects but not yet implemented in standards or grid codes. Furthermore, such standards will face difficulties due to the various applications of MG that make their requirements often implementation-specific. Finally, we observe a rise in the importance of privacy as more information is shared for operational and economic reasons. Especially energy producer and consumer information is an important asset that needs to be protected appropriately; yet, the requirements are still vague and varied. In addition, we can certainly conclude that a lack of privacy considerations can harm the proliferation of energy exchange markets and lead to a loss of customer acceptance and trust.

Conclusions
Due to their ability to connect to the main grid and their ongoing digitalization, MG systems should implement several functionalities, such as transition mode capability, power quality, protection systems, ancillary services, energy management and cybersecurity. Despite existing or evolving standards and directives for specific MG functions, they are not yet available to MGs' overall important aspects. Further, system-level MG benchmarking remains to be defined, and functionality-level benchmarking must be clarified. There is no consensus in the literature in terms of performance indicators and requirements extracted from the standards. To improve this situation, we presented and summarized the following topics: • MG main functionalities and associated standards as well as existing system-level MG architectures used for testing; • Actual requirements and assessment criteria for reliability, use of distributed local resources and cybersecurity within MG; • Prospects for the evolution of functionality and system-level MG testing as well as their current limitation.
This study can serve as a reference to start benchmarking activities at the MG functionality level but also at its system level. Indeed, we hope that this paper will contribute to a call for more and better standardization at the MG system level with internationally defined MG architectures for testing such that benchmarking is possible. Acknowledgments: This work was supported by the Fraunhofer Cluster of Excellence Integrated Energy Systems (CINES) that supports the Fraunhofer Microgrid Benchmarking Initiative, which seeks to develop testing facilities for low and medium voltage MGs connecting several institutes laboratories.

Conflicts of Interest:
The authors declare no conflict of interest.